Splunk

Splunk Cloud Platform

96 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2023-22933

Exploit
  • EPSS 0.52%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag’.

8

CVE-2023-22934

Exploit
  • EPSS 0.12%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to c...

8.8

CVE-2023-22935

  • EPSS 0.13%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a r...

6.3

CVE-2023-22936

  • EPSS 0.17%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without th...

4.3

CVE-2023-22938

  • EPSS 0.25%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instanc...

8.8

CVE-2023-22939

  • EPSS 0.09%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:40

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within...

5.7

CVE-2023-22940

  • EPSS 0.34%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:41

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded comma...

7.5

CVE-2023-22941

  • EPSS 1.09%
  • Veröffentlicht 14.02.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:45:41

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).

8.8

CVE-2022-43567

Exploit
  • EPSS 1.06%
  • Veröffentlicht 04.11.2022 23:15:10
  • Zuletzt bearbeitet 21.11.2024 07:26:48

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.

8.8

CVE-2022-43565

  • EPSS 0.2%
  • Veröffentlicht 04.11.2022 23:15:10
  • Zuletzt bearbeitet 21.11.2024 07:26:47

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Secur...